package com.lzc.springboot_jsp_shiro.controller;

import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@RequestMapping("order")
@Controller
public class OrderController {

    /**
     * 模拟订单保存
     *
     * @return
     */
    @ResponseBody
    @RequestMapping(value = "save")
    @RequiresRoles("user")
    public String orderSave() {
        return "ok";
    }

    /**
     * 模拟修改订单
     *
     * @return
     */
    @ResponseBody
    @RequestMapping(value = "update")
    @RequiresPermissions("order:update:*")
    public String orderUpdate() {
        return "update";
    }

    /**
     * 模拟删除订单
     *
     * @return
     */
    @ResponseBody
    @RequestMapping(value = "delete")
    @RequiresPermissions("order:delete:*")
    public String orderDelete() {
        return "delete";
    }
}
